Skip to content

build: enable missing OpenSSF-recommended warnings, with fixes#12489

Closed
vszakats wants to merge 34 commits intocurl:masterfrom
vszakats:openssf
Closed

build: enable missing OpenSSF-recommended warnings, with fixes#12489
vszakats wants to merge 34 commits intocurl:masterfrom
vszakats:openssf

Conversation

@vszakats
Copy link
Member

@vszakats vszakats commented Dec 8, 2023
edited
Loading

https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
[as of 2023-11-29]

Enable new recommended warnings (except -Wsign-conversion):

  • enable -Wformat=2 for clang (in both cmake and autotools).
  • add CURL_PRINTF() internal attribute and mark functions accepting
    printf arguments with it. This is a copy of existing
    CURL_TEMP_PRINTF() but using __printf__ to make it compatible
    with redefinting the printf symbol:
    https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
  • fix CURL_PRINTF() and existing CURL_TEMP_PRINTF() for
    mingw-w64 and enable it on this platform.
  • enable -Wimplicit-fallthrough.
  • enable -Wtrampolines.
  • add -Wsign-conversion commented with a FIXME.
  • cmake: enable -pedantic-errors the way we do it with autotools.
    Follow-up to d5c0351 Enable and fix more GCC warnings #2747
  • lib/curl_trc.h: use CURL_FORMAT(), this also fixes it to enable format
    checks. Previously it was always disabled due to the internal printf
    macro.

Fix them:

  • fix bug where an set_ipv6_v6only() call was missed in builds with
    --disable-verbose / CURL_DISABLE_VERBOSE_STRINGS=ON.
  • add internal FALLTHROUGH() macro.
  • replace obsolete fall-through comments with FALLTHROUGH().
  • fix fallthrough markups: Delete redundant ones (showing up as
    warnings in most cases). Add missing ones. Fix indentation.
  • silence -Wformat-nonliteral warnings with llvm/clang.
  • fix one -Wformat-nonliteral warning.
  • fix new -Wformat and -Wformat-security warnings.
  • fix CURL_FORMAT_SOCKET_T value for mingw-w64. Also move its
    definition to lib/curl_setup.h allowing use in tests/server.
  • lib: fix two wrongly passed string arguments in log outputs.
    Co-authored-by: Jay Satiro
  • fix new -Wformat warnings on mingw-w64.

Closes #12489

TODO:

  • fix to enable format checks for mingw.
  • fix -Warith-conversion warnings. [other PR]
  • fix -Wsign-conversion warnings. [other PR]

@vszakats vszakats added the build label Dec 8, 2023
@vszakats vszakats changed the title enable recommended OpenSSF warnings build: enable recommended OpenSSF warnings Dec 8, 2023
vszakats
vszakats commented Dec 8, 2023
View reviewed changes
bagder
bagder reviewed Dec 8, 2023
View reviewed changes
@vszakats vszakats changed the title build: enable recommended OpenSSF warnings build: enable missing OpenSSF-recommended warnings, with fixes Dec 8, 2023
@vszakats vszakats force-pushed the openssf branch 6 times, most recently from 8467031 to 722d4c8 Compare December 9, 2023 00:16
@github-actions github-actions bot added the CI Continuous Integration label Dec 9, 2023
@vszakats
Copy link
Member Author

vszakats commented Dec 9, 2023

This is ready now.

bagder
bagder reviewed Dec 11, 2023
View reviewed changes
vszakats
vszakats commented Dec 11, 2023
View reviewed changes
@vszakats
Copy link
Member Author

vszakats commented Dec 12, 2023

Renamed to use FALLTHROUGH();.

Is there something else to address?

This was referenced Apr 29, 2024
Closed
Closed
Closed
Closed
Closed
vszakats added a commit that referenced this pull request May 11, 2024
@vszakats
examples: fix/silence -Wsign-conversion
5b9955e 
- extend `FD_SET()` hack to all platforms (was only Cygwin).
  Warnings may also happen in other envs, e.g. OmniOS.
  Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/24316762831#step:3:2021

- tidy-up `CURLcode` vs `int` use.

- cast an unsigned to `long` before passing to `curl_easy_setopt()`.

Cherry-picked from #13489
Follow-up to 3829759 #12489
Closes #13501
vszakats added a commit to vszakats/curl that referenced this pull request Jun 5, 2024
@vszakats
build: enable (non-fatal) -Wsign-conversion warnings (OpenSSF)
2b9977a 
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Jun 5, 2024
@vszakats
build: make -Wsign-conversion an error (OpenSSF)
788ea94 
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
@vszakats vszakats mentioned this pull request Aug 22, 2024
Closed
@vszakats vszakats mentioned this pull request Sep 1, 2024
Closed
1 task
vszakats added a commit that referenced this pull request Sep 2, 2024
@vszakats
printf: fix mingw-w64 format checks
e512fbf 
Change mingw-w64 printf format checks in public curl headers to use
`__MINGW_PRINTF_FORMAT` instead of `gnu_printf`. This syncs the format
checker with format string macros published via `curl/system.h`. (Also
disable format checks for mingw-w64 older than 3.0.0 (2013-09-20) and
classic-mingw, which do not support this macro.)

This fixes bogus format checker `-Wformat` warnings in 3rd party code
using curl format strings with the curl printf functions, when using
mingw-w64 7.0.0 (2019-11-10) and older (with GCC, MSVCRT).

It also allows to delete two workaounds for this within curl itself:
- setting `-D__USE_MINGW_ANSI_STDIO=1` for mingw-w64 via cmake and
  configure for `docs/examples` and `tests/http/clients`.
  Ref: c730c85 #14640

The format check macro is incompatible (depending on mingw-w64 version
and configuration) with the C99 `%z` (`size_t`) format string used
internally by curl.

To work around this problem, override the format check style in curl
public headers to use `gnu_printf`. This is compatible with `%z` in all
mingw-w64 versions and allows keeping the C99 format strings internally.

Also:
- lib/ws.c: add missing space to an error message.
- docs/examples/ftpgetinfo.c: fix to use standard printf.

Ref: #14643 (take 1)
Follow-up to 3829759 #12489

Closes #14703
@vszakats vszakats mentioned this pull request Jan 8, 2025
Closed
vszakats added a commit that referenced this pull request Jan 9, 2025
@vszakats
build: delete -Wsign-conversion related FIXMEs
8a266ac 
We decided last year not to pursue avoiding this warning, because it
adds noise and friction, while in most cases not revealing actual code
issues. We fixed the interesting portion of them throughout mid-2024.

Conclude this effort by deleting related FIXMEs and temporary comments.

Follow-up to 3829759 #12489
Closes #15939
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bagder bagder bagder left review comments

Assignees

No one assigned

Labels

build CI Continuous Integration cmdline tool libcurl API tests

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vszakats @jay @bagder